Skip to content

Commit

Permalink
chore: update lint (#3338)
Browse files Browse the repository at this point in the history
Signed-off-by: Sertac Ozercan <[email protected]>
  • Loading branch information
sozercan authored Mar 28, 2024
1 parent 1dca4df commit 07fae2f
Show file tree
Hide file tree
Showing 30 changed files with 270 additions and 170 deletions.
53 changes: 53 additions & 0 deletions .github/workflows/check-manifest.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,53 @@
name: check-manifest
on:
push:
paths-ignore:
- ".github/workflows/website.yaml"
- "docs/**"
- "library/**"
- "demo/**"
- "deprecated/**"
- "example/**"
- "website/**"
- "**.md"
- "!cmd/build/helmify/static/README.md"
pull_request:
paths-ignore:
- ".github/workflows/website.yaml"
- "docs/**"
- "library/**"
- "demo/**"
- "deprecated/**"
- "example/**"
- "website/**"
- "**.md"
- "!cmd/build/helmify/static/README.md"

permissions: read-all

jobs:
check_manifest:
name: "Check codegen and manifest"
runs-on: ubuntu-22.04
timeout-minutes: 10
steps:
- name: Harden Runner
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
with:
egress-policy: audit

- name: Check out code into the Go module directory
uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2

- name: Set up Go
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
go-version: "1.22"
check-latest: true
- name: Check go.mod and manifests
run: |
# there should be no additional manifest or go.mod changes
go mod tidy
git diff --exit-code
make generate manifests
git diff --exit-code
4 changes: 2 additions & 2 deletions .github/workflows/dependency-review.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
#
# This Action will scan dependency manifest files that change as part of a Pull Request,
# surfacing known-vulnerable versions of the packages declared or updated in the PR.
# Once installed, if the workflow run is marked as required,
# Once installed, if the workflow run is marked as required,
# PRs introducing known-vulnerable packages will be blocked from merging.
#
# Source repository: https://github.com/actions/dependency-review-action
Expand All @@ -14,7 +14,7 @@ permissions:

jobs:
dependency-review:
runs-on: ubuntu-latest
runs-on: ubuntu-22.04
steps:
- name: Harden Runner
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
Expand Down
43 changes: 43 additions & 0 deletions .github/workflows/lint.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,43 @@
name: lint

on:
push:
branches:
- master
paths-ignore:
- ".github/workflows/website.yaml"
- "docs/**"
- "library/**"
- "demo/**"
- "deprecated/**"
- "example/**"
- "website/**"
- "**.md"
pull_request:
branches:
- master
paths-ignore:
- ".github/workflows/website.yaml"
- "docs/**"
- "library/**"
- "demo/**"
- "deprecated/**"
- "example/**"
- "website/**"
- "**.md"

permissions: read-all

jobs:
lint:
runs-on: ubuntu-22.04
steps:
- name: Harden Runner
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
with:
egress-policy: audit

- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2

- name: lint
run: make lint
2 changes: 1 addition & 1 deletion .github/workflows/scorecards.yml
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ permissions: read-all
jobs:
analysis:
name: Scorecard analysis
runs-on: ubuntu-latest
runs-on: ubuntu-22.04
permissions:
# Needed to upload the results to code-scanning dashboard.
security-events: write
Expand Down
59 changes: 59 additions & 0 deletions .github/workflows/test-gator.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
name: build_test
on:
push:
paths-ignore:
- ".github/workflows/website.yaml"
- "docs/**"
- "library/**"
- "demo/**"
- "deprecated/**"
- "example/**"
- "website/**"
- "**.md"
- "!cmd/build/helmify/static/README.md"
pull_request:
paths-ignore:
- ".github/workflows/website.yaml"
- "docs/**"
- "library/**"
- "demo/**"
- "deprecated/**"
- "example/**"
- "website/**"
- "**.md"
- "!cmd/build/helmify/static/README.md"

permissions: read-all

jobs:
gator_test:
name: "Test Gator"
runs-on: ubuntu-22.04
timeout-minutes: 5
strategy:
fail-fast: false
matrix:
KUBERNETES_VERSION: ["1.26.3", "1.27.1", "1.28.0", "1.29.0"]
steps:
- name: Harden Runner
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
with:
egress-policy: audit

- name: Check out code into the Go module directory
uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2

- name: Set up Go
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
go-version: "1.22"
check-latest: true

- name: Download e2e dependencies
run: |
mkdir -p $GITHUB_WORKSPACE/bin
echo "$GITHUB_WORKSPACE/bin" >> $GITHUB_PATH
make e2e-dependencies KUBERNETES_VERSION=${{ matrix.KUBERNETES_VERSION }}
- name: gator test
run: make test-gator-containerized
56 changes: 56 additions & 0 deletions .github/workflows/unit-test.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
name: unit-test
on:
push:
paths-ignore:
- ".github/workflows/website.yaml"
- "docs/**"
- "library/**"
- "demo/**"
- "deprecated/**"
- "example/**"
- "website/**"
- "**.md"
- "!cmd/build/helmify/static/README.md"
pull_request:
paths-ignore:
- ".github/workflows/website.yaml"
- "docs/**"
- "library/**"
- "demo/**"
- "deprecated/**"
- "example/**"
- "website/**"
- "**.md"
- "!cmd/build/helmify/static/README.md"

permissions: read-all

jobs:
test:
name: "Unit test"
runs-on: ubuntu-22.04
timeout-minutes: 20
steps:
- name: Harden Runner
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
with:
egress-policy: audit

- name: Check out code into the Go module directory
uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2

- name: Set up Go
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
go-version: "1.22"
check-latest: true

- name: Unit test
run: make native-test

- name: Codecov Upload
uses: codecov/codecov-action@54bcd8715eee62d40e33596ef5e8f0f48dbbccab # v4.1.0
with:
flags: unittests
file: ./cover.out
fail_ci_if_error: false
109 changes: 0 additions & 109 deletions .github/workflows/workflow.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -26,115 +26,6 @@ on:
permissions: read-all

jobs:
lint:
name: "Lint"
runs-on: ubuntu-22.04
timeout-minutes: 7
steps:
- name: Harden Runner
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
with:
egress-policy: audit

- name: Check out code into the Go module directory
uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2

- name: Set up Go
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
go-version: "1.22"
check-latest: true

# source: https://github.com/golangci/golangci-lint-action
- name: golangci-lint
uses: golangci/golangci-lint-action@3cfe3a4abbb849e10058ce4af15d205b6da42804 # v4.0.0
with:
# version of golangci-lint to use in form of v1.2 or v1.2.3 or `latest` to use the latest version
version: v1.55.2

test:
name: "Unit test"
runs-on: ubuntu-22.04
timeout-minutes: 20
steps:
- name: Harden Runner
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
with:
egress-policy: audit

- name: Check out code into the Go module directory
uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2

- name: Set up Go
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
go-version: "1.22"
check-latest: true

- name: Unit test
run: make native-test

- name: Codecov Upload
uses: codecov/codecov-action@54bcd8715eee62d40e33596ef5e8f0f48dbbccab # v4.1.0
with:
flags: unittests
file: ./cover.out
fail_ci_if_error: false

check_manifest:
name: "Check codegen and manifest"
runs-on: ubuntu-22.04
timeout-minutes: 10
steps:
- name: Harden Runner
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
with:
egress-policy: audit

- name: Check out code into the Go module directory
uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2

- name: Set up Go
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
go-version: "1.22"
check-latest: true
- name: Check go.mod and manifests
run: |
# there should be no additional manifest or go.mod changes
go mod tidy
git diff --exit-code
make generate manifests
git diff --exit-code
gator_test:
name: "Test Gator"
runs-on: ubuntu-22.04
timeout-minutes: 5
steps:
- name: Harden Runner
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
with:
egress-policy: audit

- name: Check out code into the Go module directory
uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2

- name: Set up Go
uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
with:
go-version: "1.22"
check-latest: true

- name: Download e2e dependencies
run: |
mkdir -p $GITHUB_WORKSPACE/bin
echo "$GITHUB_WORKSPACE/bin" >> $GITHUB_PATH
make e2e-dependencies KUBERNETES_VERSION=${{ matrix.KUBERNETES_VERSION }}
- name: gator test
run: make test-gator-containerized

build_test:
name: "Build and Test"
runs-on: ubuntu-22.04
Expand Down
4 changes: 3 additions & 1 deletion .golangci.yaml
Original file line number Diff line number Diff line change
@@ -1,6 +1,8 @@
run:
timeout: 5m
skip-files:

issues:
exclude-files:
- pkg/target/matchcrd_constant.go

linters-settings:
Expand Down
8 changes: 4 additions & 4 deletions Makefile
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ GATEKEEPER_NAMESPACE ?= gatekeeper-system

# When updating this, make sure to update the corresponding action in
# workflow.yaml
GOLANGCI_LINT_VERSION := v1.55.2
GOLANGCI_LINT_VERSION := v1.57.1

# Detects the location of the user golangci-lint cache.
GOLANGCI_LINT_CACHE := $(shell pwd)/.tmp/golangci-lint
Expand Down Expand Up @@ -361,10 +361,10 @@ manifests: __controller-gen
# across systems.
# Source: https://golangci-lint.run/usage/install/#docker
lint:
docker run --rm -v $(shell pwd):/app \
docker run -t --rm -v $(shell pwd):/app \
-v ${GOLANGCI_LINT_CACHE}:/root/.cache/golangci-lint \
-w /app golangci/golangci-lint:${GOLANGCI_LINT_VERSION}-alpine \
golangci-lint run -v
-w /app golangci/golangci-lint:${GOLANGCI_LINT_VERSION} \
golangci-lint run -v --fix

# Generate code
generate: __conversion-gen __controller-gen
Expand Down
1 change: 0 additions & 1 deletion pkg/audit/stats_reporter.go
Original file line number Diff line number Diff line change
Expand Up @@ -97,7 +97,6 @@ func newStatsReporter() (*reporter, error) {
metric.WithDescription("Total number of audited violations"),
metric.WithInt64Callback(r.observeTotalViolations),
)

if err != nil {
return nil, err
}
Expand Down
Loading

0 comments on commit 07fae2f

Please sign in to comment.